While we are investigating the cause of the Network outage, we wanted to alert you that it may be a full day or two before weâ€™re able to get the service completely back up and running. Thank you very much for your patience while we work to resolve this matter. Please stay tuned to this space for more details, and weâ€™ll update you again as soon as we can.

I know they said they wouldn't do it anymore so as to not hurt Sony's customers, because then they would be just as bad as Sony. But to me this whole thing sounds too convenient not to be Anonymous. As it stands, I would think it seems like the perfect way for them to retaliate and yet not come off as the bad guys, as long as they deny ever doing it.

Stryfe wrote:I don't see how Sony allowing people to illegally redistribute part of their SDK, run home-brew, pirate, or cheat online against legitimate paying customers, is in their best interest.

Who is saying it is? The whole reason Anonymous targeted Sony was because Sony revoked a major feature that they advertised and sold to their customers, and then sued their customers that bypassed their security measures to bring back it back.

The only thing I would disagree with you on is home-brew, which is what they had with OtherOS minus direct access to the GPU.

PSX-Scene wrote: After days of speculation, Sony has confirmed that PlayStation Network and Qriocity were infiltrated and personal details, including credit card data, was compromised. The system was hacked three full days before Sony shut down PSN access. The official announcement comes only after Democratic Senator Richard Blumenthal publicly chastised Sony for it's slow response to the problem. It is also interesting to note that they waited until after the press conference for their soon-to-be-released PlayStation tablet and after the stock market has closed.

Security breaches happen, and there's always some type of risk involved when using your credit card at various places. But I must say a big thank you to Sony for taking your sweet time to cut off the infiltrators who spent upwards of 3 full days accessing our sensitive data, and thank you so much for notifying us members a full week after the intrusion. I guess that's the kind of protection I get for being a "legitimate paying customer". This is exactly the kind of thing that makes me feel completely apathetic to anything that goes wrong for Sony.

SCE/SNE wrote:Valued PlayStation Network/Qriocity Customer:

We have discovered that between April 17 and April 19, 2011, certain PlayStation Network and Qriocity service user account information was compromised in connection with an illegal and unauthorized intrusion into our network. In response to this intrusion, we have:

1. Temporarily turned off PlayStation Network and Qriocity services;
2. Engaged an outside, recognized security firm to conduct a full and complete investigation into what happened; and
3. Quickly taken steps to enhance security and strengthen our network infrastructure by re-building our system to provide you with greater protection of your personal information.

We greatly appreciate your patience, understanding and goodwill as we do whatever it takes to resolve these issues as quickly and efficiently as practicable.

Although we are still investigating the details of this incident, we believe that an unauthorized person has obtained the following information that you provided: name, address (city, state, zip), country, email address, birthdate, PlayStation Network/Qriocity password and login, and handle/PSN online ID. It is also possible that your profile data, including purchase history and billing address (city, state, zip), and your PlayStation Network/Qriocity password security answers may have been obtained. If you have authorized a sub-account for your dependent, the same data with respect to your dependent may have been obtained. While there is no evidence at this time that credit card data was taken, we cannot rule out the possibility. If you have provided your credit card data through PlayStation Network or Qriocity, out of an abundance of caution we are advising you that your credit card number (excluding security code) and expiration date may have been obtained.

For your security, we encourage you to be especially aware of email, telephone, and postal mail scams that ask for personal or sensitive information. Sony will not contact you in any way, including by email, asking for your credit card number, social security number or other personally identifiable information. If you are asked for this information, you can be confident Sony is not the entity asking. When the PlayStation Network and Qriocity services are fully restored, we strongly recommend that you log on and change your password. Additionally, if you use your PlayStation Network or Qriocity user name or password for other unrelated services or accounts, we strongly recommend that you change them, as well.

To protect against possible identity theft or other financial loss, we encourage you to remain vigilant, to review your account statements and to monitor your credit reports. We are providing the following information for those who wish to consider it:

U.S. residents are entitled under U.S. law to one free credit report annually from each of the three major credit bureaus. To order your free credit report, visit http://www.annualcreditreport.com or call toll-free (877) 322-8228.

We have also provided names and contact information for the three major U.S. credit bureaus below. At no charge, U.S. residents can have these credit bureaus place a â€œfraud alertâ€ on your file that alerts creditors to take additional steps to verify your identity prior to granting credit in your name. This service can make it more difficult for someone to get credit in your name. Note, however, that because it tells creditors to follow certain procedures to protect you, it also may delay your ability to obtain credit while the agency verifies your identity. As soon as one credit bureau confirms your fraud alert, the others are notified to place fraud alerts on your file. Should you wish to place a fraud alert, or should you have any questions regarding your credit report, please contact any one of the agencies listed below.

You may wish to visit the web site of the U.S. Federal Trade Commission at Deter. Detect. Defend. Avoid ID Theft or reach the FTC at 1-877-382-4357 or 600 Pennsylvania Avenue, NW, Washington, DC 20580 for further information about how to protect yourself from identity theft. Your state Attorney General may also have advice on preventing identity theft, and you should report instances of known or suspected identity theft to law enforcement, your State Attorney General, and the FTC. For North Carolina residents, the Attorney General can be contacted at 9001 Mail Service Center, Raleigh, NC 27699-9001; telephone (877) 566-7226; or NCDOJ. For Maryland residents, the Attorney General can be contacted at 200 St. Paul Place, 16th Floor, Baltimore, MD 21202; telephone: (888) 743-0023; or Maryland Attorney General - Home Page.

We thank you for your patience as we complete our investigation of this incident, and we regret any inconvenience. Our teams are working around the clock on this, and services will be restored as soon as possible. Sony takes information protection very seriously and will continue to work to ensure that additional measures are taken to protect personally identifiable information. Providing quality and secure entertainment services to our customers is our utmost priority. Please contact us at 1-800-345-7669 should you have any additional questions.

Sincerely,
Sony Computer Entertainment and Sony Network Entertainment

Last edited by DanteJay on Wed Apr 27, 2011 1:26 pm, edited 2 times in total.

What's even better is that they aren't offering to actually atone for what they allowed to happen. I'm sorry, but pretty much all of this information should be encrypted in some way and not able to be easily accessed, especially not by some fly-by-night hacking effort. Even better is that they essentially say "oops, now you deal with it" which doesn't help matters at all.

Grade A customer relations there Sony, and purposely putting off putting the information out until after the stock markets close and all... Even better.

I'm curious about what the best course for us consumers to take is. I suppose contacting our state's Attorney General's office might be a good first start. At least if they start hearing from the AG's office in all 50 states, maybe Sony will be held accountable for their lax security.

DanteJay wrote:But I must say a big thank you to Sony for taking your sweet time to cut off the infiltrators who spent upwards of 3 full days accessing our sensitive data, and thank you so much for notifying us members a full week after the intrusion.

I agree, this is total bullshit if they've known all along.

DanteJay wrote:I guess that's the kind of protection I get for being a "legitimate paying customer". This is exactly the kind of thing that makes me feel completely apathetic to anything that goes wrong for Sony.

I couldn't care less about Sony's problems, when the problems are theirs (unlike this situation). In all reality, they more than likely handled the situation like any other multi-billion dollar corporation would...

On the other hand, just because Sony screwed up doesn't make anonymous (although not responsible in this particular) some beacon of light. They're a$$hats too.

I think I'm pretty much done with Sony. The PS2 will probably always be my favourite console, but I just can't stand them as a company any longer. I enjoy my PS3, but it has online features - which is basically an estuary from the Sony bullshit river to my life. I can't blame them for being hacked, but telling me all my personal data and credit card details might have been in the hands of criminals for a week doesn't go down well at all. All it does is highlight their original plan - hide it all and hope for the best, which fell through after too much time passed. But hey-ho, at least they protected my consumer interests by suing evil custom firmware developers.

I'm glad I never made a PSN account for either my PSP or my PS3. I'm pretty much done with Sony at this point. The PS3 is just going to become a Cell experimental platform under linux and screw Sony and their games. Might be a good time to start looking at the Wii-Wii.

After the realization of what happened sunk in, I can say I'm completely disgusted with Sony at this point. But... with the PS3 home-brew community openly admitting to using the official SDK, and I cant see how those custom firmwares aren't using custom Sony code, I can't condone what they are doing.

If the PSL1GHT OpenSDK eventually gets adopted by the home-brew community, I'll be all in. People all over the PS3 hacking sites keep complaining about Sony not letting them do what they want with their systems (hardware). In reality, what they're really after is to do whatever they want with Sony's PS3 code (software), and that's not cool.

I heard a rumor (no idea what the validity is) that there was a new cfw out there that makes your console look as though it is a dev system or something. It gave them access to the PSN again and the ability to download anything they wanted for free. Sony supposedly shut down the service to cut them off and figure out how they did it. I think its mildly believable that Sony would rather tell you your personal info may be out there instead of informing even more people of the cfw you can have on your ps3.

On joystiq there's a lot of talk about all the various forms of backlash and criticism Sony is receiving. I've already changed my credit card info, but after seeing all the negative publicity that Sony is now enduring, I'm starting to feel better.

Penny-Arcade

Edit: So Sony's admitted now that personal data was not encrypted. This whole facade of theirs to use DRM on everything and protect consumer rights while storing consumer data in plain text absolutely makes me sick. And now apparently there are reports claiming that 2.2 million credit cards are up for sale through various forums.

PSX-Scene wrote:Point #2 -- Now we know why it is taking so long to restore the PSN network!

Sony wrote::We are initiating several measures that will significantly enhance all aspects of PlayStation Networkâ€™s security and your personal data, including moving our network infrastructure and data center to a new, more secure location, which is already underway.

So they are not just rebuilding the network, by updating the server software, they are moving to a whole new location, but this just opens up more questions! -- What was wrong with the old location? -- Was the "external intrusion" just simply someone walking in and looking like a techie-person, and copying the data removing the need to break any security?

Sony has had a shitty relationship with its consumers for a long time, but I never really gave a shit and always enjoyed their products. But, now... things have changed. With the events that transpired during the GeoHot lawsuit, they're acting as if they're the undisputable king of the hill that they were in the days of the PS2--- days that have long passed. They're third in the console war, and are still under the impression that their actions do not matter because no one gives a shit-- but they do. Implying that you don't own the hardware you paid for and then recording your information if you had visited GeoHot's website or viewed his YouTube videos... How is this allowed? Did Sega sue DCEmu for showing you how to play Donkey Kong Country on your Dreamcast? Or did Microsoft track you down with threats for sharing information on how to soft-mod your Xbox with the 007 game? Nope. These are all the actions reminiscent of an overly defensive child who used to be popular on the playground, but can't handle the charm of the new kid who can throw the football a bit farther.

I love my PS3. So much so that I just bought a new one 2 weeks ago due to the death of my drive on the old one. I don't do much console gaming these days, except for the PSX classics on the PSN Store, and certainly no online console gaming-- but the free online service allows me to watch Netflix without paying a second subscription to Xbox Live- AND it has a BluRay player, so all-in-all it's an awesome media PC that I can accomplish a lot with. With all that said, I'd much rather see the continued success of Microsfot and Nintendo over Sony. Why? Because they actually innovate and push the envelope when it comes to gaming. Sony has always had the sole interest of ensuring the success of a platform--and that's it. Not much more customer interaction or innovation (think Microsoft Windows relations 10 years ago).

I can't say that I'll be buying either Sony or Microsoft's next gen incarnations. Simply because I've proven that they're a waste of money for me: I'm a PC gamer, and the Bluray format is going to be around a long time, so my PS3 should sufffice. However, I'm extremely excited for Nintendo's next console because I love their first-party titles, am excited to see them in graphics that aren't 11 years old, and I can't play them on PC.